Advertisement

Since our report last night many eBay users have contacted me to say they have been unable to change their passwords - they are finding the eBay system is overwhelmed.

This morning I put this issue to eBay who tells me:

"We know that customers are concerned, and want us to fix this issue straight away, and we are working hard to do just that.

Our first priority is and always has been to protect our user’s information and ensure we correctly deal with the technical challenges such a situation brings, and that is why as a first step we have requested all users change their passwords.

Other steps, including email notification, will follow and we will ensure all eBay users have changed their passwords over the coming days."

Michela Menting, cybersecurity director at technology market experts ABI Research has suggested that hackers gained eBay credentials through "social engineering," a type of psychological manipulation to get people to divulge confidential information.

Menting said that eBay's timely public announcement will reassure public opinion. Credit: Niall Carson/PA

Menting said: "Finally I think their timely public announcement - two weeks after discovery - helps to reassure not only public opinion, but also their own brand reputation.

"Transparency when dealing with incident response for an event that has affected customers, in this case millions, is highly commendable - it means that eBay takes security seriously."

Cyber attackers have accessed eBay customers' names and contact details, the company said in a statement.

eBay said: "The database, which was compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth.

"However, the database did not contain financial information or other confidential personal information."

The online auction site said evidence of the hack was first detected about two weeks ago, but it was now making the announcement after "extensive forensics".